Encrypt all note text!
- Users can not read notes without decryption key
- Masquerading as a user is not possible
- Developers can not see users notes or figure out what they say
- If there is a database leak, users data will not easily be decrypted
Ease of Use
- User can change password if needed
Encrypted Key is saved in database -> user logs in -> key is decrypted and set in session